Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.19785
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.19785
<patchinfo incident="19785"> <issue tracker="bnc" id="1185918">VUL-0: CVE-2021-28652: squid,squid3: SQUID-2021:3 Denial of Service issue in Cache Manager</issue> <issue tracker="bnc" id="1185916">VUL-0: CVE-2021-31806: squid,squid3: SQUID-2021:4 Multiple Issues in HTTP Range header</issue> <issue tracker="bnc" id="1185923">VUL-0: squid,squid3: SQUID-2021:5 Denial of Service in HTTP Response processing</issue> <issue tracker="bnc" id="1185919">VUL-0: CVE-2021-28662: squid,squid3: SQUID-2021:2 Denial of Service in HTTP Response Processing</issue> <issue tracker="bnc" id="1171164">AUDIT-TASK: permissions: %_libexecdir changes from /usr/lib to /usr/libexec, affects multiple entries</issue> <issue tracker="bnc" id="1171569">AUDIT-1: squid: permissions and location of /usr/sbin/basic_pam_auth</issue> <issue tracker="bnc" id="1185921">VUL-0: CVE-2021-28651: squid,squid3: SQUID-2021:1 Denial of Service in URN processing</issue> <issue tracker="bnc" id="1183436">VUL-0: CVE-2020-25097: squid: HTTP Request Smuggling (SQUID-2020:11)</issue> <issue tracker="cve" id="2021-28652"/> <issue tracker="cve" id="2020-25097"/> <issue tracker="cve" id="2021-28651"/> <issue tracker="cve" id="2021-28662"/> <issue tracker="cve" id="2021-31806"/> <packager>adamm</packager> <rating>important</rating> <category>security</category> <summary>Security update for squid</summary> <description>This update for squid fixes the following issues: - update to 4.15: - CVE-2021-28652: Broken cache manager URL parsing (bsc#1185918) - CVE-2021-28651: Memory leak in RFC 2169 response parsing (bsc#1185921) - CVE-2021-28662: Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs (bsc#1185919) - CVE-2021-31806: Handle more Range requests (bsc#1185916) - CVE-2020-25097: HTTP Request Smuggling vulnerability (bsc#1183436) - Handle more partial responses (bsc#1185923) - fix previous change to reinstante permissions macros, because the wrong path has been used (bsc#1171569). - use libexecdir instead of libdir to conform to recent changes in Factory (bsc#1171164). - Reinstate permissions macros for pinger binary, because the permissions package is also responsible for setting up the cap_net_raw capability, currently a fresh squid install doesn't get a capability bit at all (bsc#1171569). - Change pinger and basic_pam_auth helper to use standard permissions. pinger uses cap_net_raw=ep instead (bsc#1171569) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor